How to add IdentityServerIdentityResourceClaims value in OpenId #7282 | Support

Priyanka created 5 months ago

Recently, I have migrated IdentityServer to OpenIddict but after migration my UI is not loading as I'm not getting values of IdentityServerIdentityResourceClaims table, what is the table replacement for IdentityServerIdentityResourceClaims in OpenIddict.

ABP Framework version: v8.1.1

UI Type:React

Database System: EF Core (SQL Server)

Tiered (for MVC) or Auth Server Separated (for Angular): yes

Exception message and full stack trace:NA

Steps to reproduce the issue: Migrate from IdentityServer to OpenIddict

8 Answer(s)

0

liangshiwei created 5 months ago
Support Team Fullstack Developer

Hi,

See: https://docs.abp.io/en/abp/latest/Modules/OpenIddict#tables

The table is OpenIddictScopes
0

Priyanka created 5 months ago

Hi,

See: https://docs.abp.io/en/abp/latest/Modules/OpenIddict#tables

The table is OpenIddictScopes

In my IdentityServerIdentityResourceClaims table I have below fields

Type sub birthdate family_name gender given_name locale middle_name name nickname picture preferred_username profile updated_at website zoneinfo email email_verified address phone_number phone_number_verified role

In this table OpenIddictScopes, am I supposed to add above values in "Resources" column, if yes, will it be comma separate or 1 value in one row?
0

liangshiwei created 5 months ago
Support Team Fullstack Developer

Hi,

You need to add a scope for each
0

Priyanka created 5 months ago

Hi,

You need to add a scope for each

Hi, as suggested I have inserted data in OpenIddictScopes but earlier when I was using IdentityServerIdentity this was the data in my auth variable

"token_type":"Bearer","scope":"openid offline_access","profile":{"s_hash":"DS82_CYQtxmPC76J8Yjz_w","sid":"FFCD5C72C428640804F41F72DAFC8059","sub":"8405d374-ec46-1ed7-bc4d-3a04e58abcde","auth_time":1717402623,"idp":"local","preferred_username":"admin","given_name":"admin","amr":["pwd"]},"expires_at":1748939693

Now, I'm getting this in my auth variable "token_type":"Bearer","scope":"openid offline_access","profile":{"sub":"8405d374-ec46-1ed7-bc4d-3a04e58abcde","oi_au_id":"85c661bd-a8e3-f572-3657-3a12880f1aa6","azp":"eFC_App","oi_tkn_id":"6884f2bd-465d-19bb-d606-3a12ef7a0f53"},"expires_at":1717408376}

Is there any other change required to get all properties? I want to get preferred_username, given_name, auth_time etc. in Profile.
0

liangshiwei created 5 months ago
Support Team Fullstack Developer

Hi,

You need to add the claims manually.

https://docs.abp.io/en/abp/latest/Modules/OpenIddict#updating-claims-in-access_token-and-id_token https://docs.abp.io/en/abp/latest/Authorization#claims-principal-factory
0

Priyanka created 5 months ago

Hi,

You need to add the claims manually.

https://docs.abp.io/en/abp/latest/Modules/OpenIddict#updating-claims-in-access_token-and-id_token https://docs.abp.io/en/abp/latest/Authorization#claims-principal-factory

Hi, right now I'm using below class for claim public class myAppUserClaimFactory : UserClaimsPrincipalFactory<Volo.Abp.Identity.IdentityUser, Volo.Abp.Identity.IdentityRole>, ITransientDependency,

Is it not required now?
0

liangshiwei created 5 months ago
Support Team Fullstack Developer

Hi,

Yes, you don't need it. we refactored the new claims contributor system
0

Priyanka created 5 months ago

Hi,

Yes, you don't need it. we refactored the new claims contributor system

Hi, thank you for the above links, I'm able to add custom claims now.

Have an answer to this question? Log in and write your answer.